You could always use the machine encryption key. If the connection
info is user-specific, use the user encryption key.
For more info, read up on encrypting configuration sections and the
Data Protection API on MSDN.
I'm assuming you're using .NET 2.0.
On Oct 2, 2006, at 1:48 PM, Sebastian Good wrote:
Ah, but where do you store the encryption key? We have a similar
system in
our project, have discussed this one a great deal. You've taken a
secret out
of your XML file and put it into an encryption key. Where do you
like to
hide THAT secret?
-----Original Message-----
From: Discussion of advanced .NET topics.
[mailto:[EMAIL PROTECTED] On Behalf Of Franklin
Gray
Sent: Monday, October 02, 2006 9:44 AM
To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM
Subject: Re: [ADVANCED-DOTNET] SQL connection information - Encryption
We've use a seperate xml file for all system settings that we don't
want in
the DB including the UserID, password and datasource. The whole
file is
encrypted. What we like about this is all we have to do is just
one change
and the whole system is updated. The location of this file is in
the app
config. If you want to change the settings just for one user, we
have an
app that can generate do that (change the settings and store them
locally,
change the app config). I wrote the xml file loading and
decryption years
ago and have used it many many times so I love the reuse I've
gotten on my
work. Just plug and play :)
===================================
This list is hosted by DevelopMentorR http://www.develop.com
View archives and manage your subscription(s) at http://
discuss.develop.com
===================================
This list is hosted by DevelopMentorĀ® http://www.develop.com
View archives and manage your subscription(s) at http://
discuss.develop.com
===================================
This list is hosted by DevelopMentorĀ® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
